412480300a
commit 523628852a5f5f34a15252b2634d0498d3cfb347 upstream.
One of a class of bugs pointed out by Lars in a recent review.
iio_push_to_buffers_with_timestamp assumes the buffer used is aligned
to the size of the timestamp (8 bytes). This is not guaranteed in
this driver which uses a 16 byte array of smaller elements on the stack.
As Lars also noted this anti pattern can involve a leak of data to
userspace and that indeed can happen here. We close both issues by
moving to a suitable structure in the iio_priv().
This data is allocated with kzalloc so no data can leak appart
from previous readings.
It is necessary to force the alignment of ts to avoid the padding
on x86_32 being different from 64 bit platorms (it alows for
4 bytes aligned 8 byte types.
Fixes:
|
||
|---|---|---|
| .. | ||
| acpi-als.c | ||
| adjd_s311.c | ||
| al3320a.c | ||
| apds9300.c | ||
| apds9960.c | ||
| bh1750.c | ||
| bh1780.c | ||
| cm3232.c | ||
| cm3323.c | ||
| cm3605.c | ||
| cm32181.c | ||
| cm36651.c | ||
| cros_ec_light_prox.c | ||
| gp2ap020a00f.c | ||
| hid-sensor-als.c | ||
| hid-sensor-prox.c | ||
| isl29018.c | ||
| isl29028.c | ||
| isl29125.c | ||
| jsa1212.c | ||
| Kconfig | ||
| lm3533-als.c | ||
| ltr501.c | ||
| lv0104cs.c | ||
| Makefile | ||
| max44000.c | ||
| opt3001.c | ||
| pa12203001.c | ||
| rpr0521.c | ||
| si1133.c | ||
| si1145.c | ||
| st_uvis25.h | ||
| st_uvis25_core.c | ||
| st_uvis25_i2c.c | ||
| st_uvis25_spi.c | ||
| stk3310.c | ||
| tcs3414.c | ||
| tcs3472.c | ||
| tsl2563.c | ||
| tsl2583.c | ||
| tsl2772.c | ||
| tsl4531.c | ||
| us5182d.c | ||
| vcnl4000.c | ||
| veml6070.c | ||
| vl6180.c | ||
| zopt2201.c | ||